CVE-2015-1701

KEV · Ransomware EPSS 90.18% · P100 Updated Feb 21, 2026

Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2015-1701

Vulnerability Information

Have questions about the vulnerability? See if Shenlong's analysis helps!

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Description

Win32k.sys in the kernel-mode drivers in Microsoft Windows Server 2003 SP2, Vista SP2, and Server 2008 SP2 allows local users to gain privileges via a crafted application, as exploited in the wild in April 2015, aka "Win32k Elevation of Privilege Vulnerability."

Source: NVD (National Vulnerability Database)

CVSS Information

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Type

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Title

Microsoft Windows Win32k 特权提升漏洞

Source: CNNVD (China National Vulnerability Database)

Vulnerability Description

Microsoft Windows是美国微软（Microsoft）公司发布的一系列操作系统。当Microsoft Windows Win32k.sys内核模式驱动程序不正确地处理内存中的对象时，存在一个特权提升漏洞。成功利用此漏洞的攻击者可以运行内核模式中的任意代码。攻击者可随后安装程序；查看、更改或删除数据；或者创建拥有完全用户权限的新帐户。以下系统受到影响：Microsoft Windows Server 2003 SP2，Vista SP2，Server 2008 SP2。

Source: CNNVD (China National Vulnerability Database)

CVSS Information

N/A

Source: CNNVD (China National Vulnerability Database)

Vulnerability Type

N/A

Source: CNNVD (China National Vulnerability Database)

Shenlong Deep Dive — AI Deep Analysis

10-question deep dive: root cause, exploitation, mitigation, urgency. Read summary free, full version requires login.

Read summary Full analysis (login)

Affected Products

Vendor	Product	Affected Versions	CPE	Subscribe
-	n/a	n/a	-

II. Public POCs for CVE-2015-1701

#	POC Description	Source Link	Shenlong Link
1	Win32k LPE vulnerability used in APT attack	https://github.com/hfiref0x/CVE-2015-1701	POC Details
2	Unspecified vulnerability in Microsoft Windows before 8 allows local users to gain privileges via unknown vectors, as exploited in the wild in April 2015 (Base Score: 7.2 HIGH) Current Description Win32k.sys in the kernel-mode drivers in Microsoft Windows Server 2003 SP2, Vista SP2, and Server 2008 SP2 allows local users to gain privileges via a crafted application, as exploited in the wild in April 2015, aka "Win32k Elevation of Privilege Vulnerability	https://github.com/Anonymous-Family/CVE-2015-1701	POC Details
3	None	https://github.com/Anonymous-Family/CVE-2015-1701-download	POC Details

AI-Generated POCPremium

No public POC found.

III. Intelligence Information for CVE-2015-1701

请登录查看更多情报信息。

http://twitter.com/symantec/statuses/590208710527549440x_refsource_MISC
https://www.fireeye.com/blog/threat-research/2015/04/probable_apt28_useo.htmlx_refsource_MISC
http://www.securityfocus.com/bid/74245vdb-entryx_refsource_BID
https://www.exploit-db.com/exploits/37049/exploitx_refsource_EXPLOIT-DB
https://www.exploit-db.com/exploits/37367/exploitx_refsource_EXPLOIT-DB
http://www.securitytracker.com/id/1032155vdb-entryx_refsource_SECTRACK
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2015/ms15-051vendor-advisoryx_refsource_MS
http://seclists.org/fulldisclosure/2020/May/34mailing-listx_refsource_FULLDISC
https://nvd.nist.gov/vuln/detail/CVE-2015-1701

Same Patch Batch · n/a · 2015-04-21 · 64 CVEs total

CVE-2015-3362		Drupal Video模块跨站脚本漏洞
CVE-2014-5361		LANDESK Management Suite 跨站请求伪造漏洞
CVE-2015-2041		Linux kernel 代码注入漏洞
CVE-2015-2825		WordPress Simple Ads Manager 任意文件上传漏洞
CVE-2014-5370		New Atlanta BlueDragon 目录遍历漏洞
CVE-2015-3367		Drupal Patterns模块跨站请求伪造漏洞
CVE-2015-3366		Drupal Alfresco模块跨站请求伪造漏洞
CVE-2015-3365		Drupal nodeauthor模块跨站脚本漏洞
CVE-2015-3364		Drupal Content Analysis模块跨站脚本漏洞
CVE-2015-3363		Drupal Contact Form Fields模块跨站请求伪造漏洞
CVE-2015-3368		Drupal Classified Ads模块跨站脚本漏洞
CVE-2015-3361		Drupal Linkit模块跨站脚本漏洞
CVE-2015-3360		Drupal Term Merge模块跨站脚本漏洞
CVE-2015-3359		Drupal Room Reservations模块跨站脚本漏洞
CVE-2015-3358		Drupal Tadaa!模块开放重定向漏洞
CVE-2015-3357		Drupal Wishlist模块跨站脚本漏洞
CVE-2015-3356		Drupal Tadaa!模块跨站请求伪造漏洞
CVE-2015-3355		Drupal Batch Jobs模块跨站请求伪造漏洞
CVE-2015-3354		Drupal Wishlist模块跨站请求伪造漏洞
CVE-2015-3353		Drupal Field Display Label模块跨站脚本漏洞

Showing top 20 of 64 CVEs. View all on vendor page → →

IV. Related Vulnerabilities

Same product: n/a

Same vendor: n/a

V. Comments for CVE-2015-1701

No comments yet

Goal Reached Thanks to every supporter — we hit 100%!

CVE-2015-1701

I. Basic Information for CVE-2015-1701

Vulnerability Information

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Shenlong Deep Dive — AI Deep Analysis

Affected Products

II. Public POCs for CVE-2015-1701

III. Intelligence Information for CVE-2015-1701

Same Patch Batch · n/a · 2015-04-21 · 64 CVEs total

IV. Related Vulnerabilities

V. Comments for CVE-2015-1701

Leave a comment